HIPAA may protect your privacy in matters of health information, but when your name is removed from medical data, your consent for sharing is not required. As Adam Tanner, a fellow at Harvard's Institute for Quantitative Social Science, proves, tracking down individuals based on their "anonymous" records can be incredibly simple. Today, even our most personal health conditions are part of a vast but hidden market for our medical data. We deserve to know about it.
The reality is that information you take to your doctor and your pharmacy gets widely bought and sold, usually without your knowledge or consent. The aggregated results of this trade are available to marketers and researchers, but not to you. Some of the data will be used for noble ends, like helping researchers cure diseases and improve public health. Some of the data will be used for less elevated ends, like helping pharmaceutical companies hawk their products more effectively. And some of the data will be used for purposes we cannot imagine, because we have no information or legal say in the matter. It is all part of an immense hidden market for your intimate information.
Consider what happens if you're a male patient buying a dose of Viagra. If the drug is covered by insurance, you pay only a small fraction of the total cost, and the rest comes from your insurer. To receive that payment, the pharmacist enters your details into a computer, which then delivers the data to what is called a pharmacy benefit manager, or PBM. This is an entity that acts as a claims processor, contacting the patient’s insurance company, confirming the co-pay amount, and approving the transaction. Then the pharmacy dispenses the drug.
So far, you have personally encountered only your doctor and your pharmacist. But the PBM that transmits the data has now learned that you suffer from erectile dysfunction, as has your insurance company. Sometimes other middlemen, such as the company running the pharmacy’s computer database, will find out as well. If your record of Viagra purchasing is sold off to an outside buyer, it will be stripped of your name and other identifiers, but information such as your year of birth, gender, partial postal code, and doctor’s name will typically remain.
For more from Pacific Standard, and to support our work, sign up for our email newsletter and subscribe to our print magazine, where this piece also appeared. Digital editions are available in the App Store and on Zinio and other platforms.